3550#config t Enter configuration commands, one per line. End with CNTL/Z. 3550(config)#int f0/10 3550(config-if)#no switchport 3550(config-if)#ip add 10.10.10.10 255.255.255.0 3550(config-if)#no shut 3550(config-if)#
當(dāng)你在機(jī)房放置一臺(tái)3550,但你不能保證其物理上的安全, 就可以考慮使用取消密碼恢復(fù). 配置命令為: (config)#no service passWord-recovery 這樣就可以防止一些人通過(guò)密碼恢復(fù)來(lái)達(dá)到控制交換機(jī)的目的。 當(dāng)交換機(jī)啟動(dòng)時(shí)候被中斷的時(shí)候, 就要求你是否要‘刪除交換機(jī)的配置’,假如選擇N,交換機(jī)仍然正常啟動(dòng)....
3. Extended Range VLANs
假如3550交換機(jī)處在VTP 透明模式下, 就可以使用 extended range VLANs (1006-4094), 這樣你就可以擴(kuò)展你的VLAN使用數(shù)量....
配置如下: 3550(config)#vtp mode server Setting device to VTP SERVER mode 3550(config)#vlan 2000 3550(config-vlan)#exit Extended VLANs not allowed in VTP SERVER mode
3550#config t Enter configuration commands, one per line. End with CNTL/Z. 3550(config)#int f0/13 3550(config-if)#switchport ? access Set access mode characteristics of the interface block Disable forwarding of unknown uni/multi cast addresses broadcast Set broadcast suppression level on this interface host Set port host mode Set trunking mode of the interface multicast Set multicast suppression level on this interface nonegotiate Device will not engage in negotiation protocol on this interface port-security Security related command priority Set appliance 802.1p priority
protected Configure an interface to be a protected port
trunk Set trunking characteristics of the interface unicast Set unicast suppression level on this interface voice Voice appliance attributes 3550(config-if)#switchport protected 3550(config-if)#end
3550(config)#crypto key generate rsa ? modulus Provide number of modulus bits on the command line usage-keys Generate separate RSA keys for signing and encryption
3550(config)#crypto key generate rsa % Please define a domain-name first. 3550(config)#ip domain-name ciscolab.net 3550(config)#crypto key generate rsa The name for the keys will be: 3550.ciscolab.net Choose the size of the key modulus in the range of 360 to 2048 for your General Purpose Keys. Choosing a key modulus greater than 512 may take a few minutes.
How many bits in the modulus [512]: Generating RSA keys ... [OK]
3550(config)# 00:09:32: %SSH-5-ENABLED: SSH 1.5 has been enabled 3550(config)#username cisco password cisco 3550(config)#line vty 0 4 3550(config-line)#login local 3550(config-line)#transport i 3550(config-line)#transport input ssh 3550(config-line)#end 3550#
2 -rwx 0 Jan 01 1970 00:01:30 env_vars 3 -rwx 342 Jan 01 1970 00:01:30 system_env_vars 4 -rwx 916 Mar 01 1993 05:07:46 vlan.dat 5 -rwx 5 Mar 01 1993 02:30:29 private-config.text 6 -rwx 2662 Mar 01 1993 02:30:29 config.text 7 drwx 192 Mar 01 1993 00:03:34 c3550-i5q3l2-mz.121-11.EA1 ----> (該ios 不支持ssh特性) 15998976 bytes total (10910208 bytes free)
3550(config-line)#transport input ? all All protocols none No protocols telnet TCP/IP Telnet protocol -----> 沒(méi)有ssh 選項(xiàng)
3550#sh flash Directory of flash:/ 2 -rwx 4404040 Mar 02 1993 00:39:47 c3550-i5k2l2q3-mz.121-12c.EA1a.b in --------------------> 帶有crypto image的ios 3 -rwx 2824 Mar 02 1993 00:39:56 config.text 4 -rwx 5 Mar 02 1993 00:39:56 private-config.text 5 -rwx 736 Mar 01 1993 00:00:51 vlan.dat 15998976 bytes total (11589120 bytes free)
3550#config t Enter configuration commands, one per line. End with CNTL/Z. 3550(config)#line vty 0 4 3550(config-line)#transp 3550(config-line)#transport input ? all All protocols none No protocols [ssh TCP/IP SSH protocol-----------> 多了這個(gè)ssh參數(shù) telnet TCP/IP Telnet protocol
